There are significant changes coming down the pike for SOC 2 reports. Kfi has prepared a whitepaper to help you prepare: SOC_2_Changes_White_Paper
The purpose of this whitepaper is to describe prevalent IT security vulnerabilities and the corresponding controls that companies deploy to respond to them. KFI-Top 10 IT Security Vulnerabilities-White-Paper
In April 2017, the American Institute of Certified Public Accountants (AICPA) released a new framework for cybersecurity risk management that can help businesses meet the growing challenges that they face from cybersecurity threats. The purpose of this whitepaper is to provide answers to some of the frequently asked questions that Kfi […]
SSAE No. 18 is effective for SOC reports, Agreed Upon Procedures and examination reports dated on or after May 1, 2017. Kfi has prepared a whitepaper summarizing the changes that you can expect relative to SOC reporting. KFI-SSAENo18-White-Paper
This is a series of posts on how the COSO framework impacts service organizations, particularly those that receive SOC reports. COSO Framework for Service Organizations and SOC Reporting (Part 1 of 3) COSO blog post 2 of 3 COSO blog post 3 of 3
Internal control improvements are often perceived as adding cost to an organization. In fact, the argument against some control improvements is that the cost to implement them outweighs the benefits they create. There are some control improvements, however, that have a high likelihood of generating true economic returns.